urlscan.io logo urlscan.io
SecurityTrails logo

dh111.ptwmqkb.xyz Open in urlscan Pro
103.119.13.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dh111.ptwmqkb.xyz/
Effective URL: https://dh111.ptwmqkb.xyz/
Submission Tags: falconsandbox
Submission: On July 09 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 34 HTTP transactions. The main IP is 103.119.13.2, located in China and belongs to TGL-AS-AP Turing Group Limited, NZ. The main domain is dh111.ptwmqkb.xyz.
TLS certificate: Issued by R10 on July 9th 2024. Valid for: 3 months.
This is the only time dh111.ptwmqkb.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 103.119.13.2 140869 (TGL-AS-AP...)
2 111.45.3.198 56040 (CMNET-GUA...)
1 106.225.241.86 134238 (CT-JIANGX...)
1 18.142.54.1 16509 (AMAZON-02)
34 5
Apex Domain
Subdomains		 Transfer
15 ptwmqkb.xyz
dh111.ptwmqkb.xyz
583 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 8273
12 KB
1 bdfl514547e.xyz
web-h5.bdfl514547e.xyz
1 cnzz.com
s9.cnzz.com — Cisco Umbrella Rank: 101692
z12.cnzz.com Failed
c.cnzz.com Failed
5 KB
0 631234.men Failed
80090-gxh.631234.men Failed
0 tutu.finance Failed
tutu.finance Failed
0 bwshfmx.xyz Failed
bwshfmx.xyz Failed
34 7
Domain Requested by
15 dh111.ptwmqkb.xyz dh111.ptwmqkb.xyz
2 hm.baidu.com dh111.ptwmqkb.xyz
1 web-h5.bdfl514547e.xyz dh111.ptwmqkb.xyz
1 s9.cnzz.com dh111.ptwmqkb.xyz
0 c.cnzz.com Failed s9.cnzz.com
0 z12.cnzz.com Failed s9.cnzz.com
0 80090-gxh.631234.men Failed dh111.ptwmqkb.xyz
0 tutu.finance Failed dh111.ptwmqkb.xyz
0 bwshfmx.xyz Failed dh111.ptwmqkb.xyz
34 9

This site contains links to these domains. Also see Links.

Domain
iml.vqscvasavtzqpsj.shop
Subject Issuer Validity Valid
jdb.llxcyvq.xyz
R10		 2024-07-09 -
2024-10-07		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-02-17 -
2025-03-20		 a year crt.sh
web-h5.bdfl514547e.xyz
R11		 2024-06-08 -
2024-09-06		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://dh111.ptwmqkb.xyz/
Frame ID: FF6BB4F1DE1037B94ECA97A2F4B1450F
Requests: 10 HTTP requests in this frame

Frame: https://dh111.ptwmqkb.xyz/head.html
Frame ID: 038E1052943823D91EF2F4CBBB0B0EC2
Requests: 3 HTTP requests in this frame

Frame: https://dh111.ptwmqkb.xyz/ziliao.html
Frame ID: 9FB9E1AA25504F42F64ED8B78C5E1903
Requests: 20 HTTP requests in this frame

Frame: https://web-h5.bdfl514547e.xyz/open-lottery
Frame ID: 5BE26C25A70C974CBB1FE21068CD45AE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

【金多宝】倾情打造,六合路上多金宝!

Page URL History Show full URLs

  1. http://dh111.ptwmqkb.xyz/ HTTP 307
    https://dh111.ptwmqkb.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

34
Requests

56 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

5
IPs

2
Countries

600 kB
Transfer

1060 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dh111.ptwmqkb.xyz/ HTTP 307
    https://dh111.ptwmqkb.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dh111.ptwmqkb.xyz/
Redirect Chain
  • http://dh111.ptwmqkb.xyz/
  • https://dh111.ptwmqkb.xyz/
25 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dh111.ptwmqkb.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
f8690708afe2f0198b51bba1990c7468aec331e8301bb192e002a487687a955f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
9538
content-type
text/html
date
Tue, 09 Jul 2024 08:28:12 GMT
etag
"634c-61c3dbdda18ba-gzip"
last-modified
Tue, 02 Jul 2024 06:22:44 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://dh111.ptwmqkb.xyz/
Non-Authoritative-Reason
HttpsUpgrades
s.css
dh111.ptwmqkb.xyz/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dh111.ptwmqkb.xyz/css/s.css
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
3e3fdcbf8283e35c92f9a5d8bcc77275fdfb6f221fbd6b020391d2bc820f2fd3

Request headers

Referer
https://dh111.ptwmqkb.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:13 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 12:46:30 GMT
server
Apache
etag
"6a07-61b65d2118081-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6325
tb.js
dh111.ptwmqkb.xyz/js/ 		1 KB
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dh111.ptwmqkb.xyz/js/tb.js
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
e9951a7c919abe32c50615c5fbad2edd4facb32aaf1fd1b0c8852a73d9f973ce

Request headers

Referer
https://dh111.ptwmqkb.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:13 GMT
content-encoding
gzip
last-modified
Tue, 14 May 2024 08:49:30 GMT
server
Apache
etag
"475-6186614857cf6-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
679
wenzhang.js
dh111.ptwmqkb.xyz/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dh111.ptwmqkb.xyz/js/wenzhang.js
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
e29257aa756b541ed398b631706c6efbaeef6823439dc5c66a633a5005f1a4cc

Request headers

Referer
https://dh111.ptwmqkb.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:13 GMT
content-encoding
gzip
last-modified
Tue, 14 May 2024 08:49:31 GMT
server
Apache
etag
"90a-6186614962a54-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1429
head.html
dh111.ptwmqkb.xyz/ Frame 038E 		2 KB
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dh111.ptwmqkb.xyz/head.html
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/js/tb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
762cda3e18c95f424f0669081b95bce7a597409f4ce3e6bb8564e8b71e38911c

Request headers

Referer
https://dh111.ptwmqkb.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
725
content-type
text/html
date
Tue, 09 Jul 2024 08:28:13 GMT
etag
"6ff-615ab4fef55af-gzip"
last-modified
Tue, 09 Apr 2024 15:09:44 GMT
server
Apache
vary
Accept-Encoding
ziliao.html
dh111.ptwmqkb.xyz/ Frame 9FB9 		163 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dh111.ptwmqkb.xyz/ziliao.html
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/js/wenzhang.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
56e67b787c1bec1d61f19cf5c74e84282abd70d3447a47b1d1fb3c08dc064a16

Request headers

Referer
https://dh111.ptwmqkb.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
19696
content-type
text/html
date
Tue, 09 Jul 2024 08:28:13 GMT
etag
"28db7-61ccbadaac86b-gzip"
last-modified
Tue, 09 Jul 2024 07:42:57 GMT
server
Apache
vary
Accept-Encoding
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?460c2fe339a3f660e85e3e007a4127d2
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
a918aae79fe0fcae75ae383880db79716fb500774c9d266b1d4823965e5327a7
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://dh111.ptwmqkb.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 08:28:13 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
5c3f3328fee3866281755ed4b9e6521b
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11290
z.js
s9.cnzz.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.cnzz.com/z.js?id=1281328438&async=1
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
106.225.241.86 , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
eb704ca9ed0955657f93075d16fdd599f5beb007439b90112e4e9fa511acb2db

Request headers

Referer
https://dh111.ptwmqkb.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:10 GMT
via
cache43.l2cn3130[78,78,304-0,H], cache47.l2cn3130[80,0], cache9.cn3693[0,0,200-0,H], cache10.cn3693[1,0]
content-encoding
gzip
age
4
x-swift-cachetime
300
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime
Tue, 09 Jul 2024 08:28:11 GMT
content-length
4394
server
Tengine
etag
W/"10702473721774053229"
vary
accept-encoding
ali-swift-global-savetime
1720513691
content-type
application/javascript
cache-control
public, max-age=300
timing-allow-origin
*
eagleid
6ae1f19e17205136959422272e
search.jpg
dh111.ptwmqkb.xyz/images/ 		264 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh111.ptwmqkb.xyz/images/search.jpg
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/css/s.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
7c868324c51e80ec6ce94399e8c5819a67cfb3fc87dc143300a40d454319f549

Request headers

Referer
https://dh111.ptwmqkb.xyz/css/s.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:13 GMT
server
Apache
content-length
264
content-type
text/html; charset=iso-8859-1
jdb%20logo.gif
dh111.ptwmqkb.xyz/tp/ Frame 038E 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh111.ptwmqkb.xyz/tp/jdb%20logo.gif
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/head.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
80f58f613ac55fbb0114ac7f62a28a4754414ddc5415fd99b611aead4bc60422

Request headers

Referer
https://dh111.ptwmqkb.xyz/head.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:13 GMT
last-modified
Fri, 17 May 2024 11:14:17 GMT
server
Apache
accept-ranges
bytes
etag
"af5e-618a473d27ddf"
content-length
44894
content-type
image/gif
KJ77.png
dh111.ptwmqkb.xyz/tp/ Frame 038E 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh111.ptwmqkb.xyz/tp/KJ77.png
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/head.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
2b778fb0ae4b9e007ca1bb3da45b7059e1a2514f86504cd587291d19947b449c

Request headers

Referer
https://dh111.ptwmqkb.xyz/head.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:13 GMT
last-modified
Fri, 17 May 2024 11:14:18 GMT
server
Apache
accept-ranges
bytes
etag
"4c3a-618a473e51381"
content-length
19514
content-type
image/png
open-lottery
web-h5.bdfl514547e.xyz/ Frame 5BE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://web-h5.bdfl514547e.xyz/open-lottery
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/head.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.142.54.1 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-54-1.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dh111.ptwmqkb.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
499
content-type
text/html
date
Tue, 09 Jul 2024 08:28:14 GMT
etag
"6644c916-1f3"
last-modified
Wed, 15 May 2024 14:39:18 GMT
server
nginx
strict-transport-security
max-age=31536000
sty1e.css
dh111.ptwmqkb.xyz/css/ Frame 9FB9 		1 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dh111.ptwmqkb.xyz/css/sty1e.css
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/ziliao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
f58209717fbd2b69f5cee96cb099149711cbaf549cc66f7d2c94f6b4cbf67f8b

Request headers

Referer
https://dh111.ptwmqkb.xyz/ziliao.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:14 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2024 12:46:31 GMT
server
Apache
etag
"577-61b65d225b817-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
699
LOGO.jpg
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh111.ptwmqkb.xyz/tp/LOGO.jpg
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/ziliao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
b47805dc57462566809e1174cda7fb337966aa8f8113f33a5e03d1825d51dddc

Request headers

Referer
https://dh111.ptwmqkb.xyz/ziliao.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:14 GMT
last-modified
Fri, 17 May 2024 11:14:19 GMT
server
Apache
accept-ranges
bytes
etag
"324cb-618a473fd8ce4"
content-length
206027
content-type
image/jpeg
zztj.gif
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh111.ptwmqkb.xyz/tp/zztj.gif
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/ziliao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
7ce9d075f9d9f2342e8635a660d7503eebc2b0136342c3e0feb5d786873e602a

Request headers

Referer
https://dh111.ptwmqkb.xyz/ziliao.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:14 GMT
last-modified
Wed, 29 May 2024 11:51:28 GMT
server
Apache
accept-ranges
bytes
etag
"5f53-619965eef3099"
content-length
24403
content-type
image/gif
sz.gif
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		0
0
www.kj77a.com.gif
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh111.ptwmqkb.xyz/tp/www.kj77a.com.gif
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/ziliao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
c8a3fddd6a443629d468fad4842159fd741be9880da47ffdf5256253e1a99717

Request headers

Referer
https://dh111.ptwmqkb.xyz/ziliao.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:14 GMT
last-modified
Wed, 29 May 2024 11:51:19 GMT
server
Apache
accept-ranges
bytes
etag
"10a2b-619965e678395"
content-length
68139
content-type
image/gif
xzapp3.jpg
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh111.ptwmqkb.xyz/tp/xzapp3.jpg
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/ziliao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash
b33bdcd11ebe560692092553f9183375821649d961aa89da8096ba95a8d3f84e

Request headers

Referer
https://dh111.ptwmqkb.xyz/ziliao.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:14 GMT
last-modified
Wed, 29 May 2024 11:51:23 GMT
server
Apache
accept-ranges
bytes
etag
"2f375-619965e9ad3c9"
content-length
193397
content-type
image/jpeg
210y.gif
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		256 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh111.ptwmqkb.xyz/tp/210y.gif
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/ziliao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.119.13.2 , China, ASN140869 (TGL-AS-AP Turing Group Limited, NZ),
Reverse DNS
unknown.imidc.com
Software
Apache /
Resource Hash

Request headers

Referer
https://dh111.ptwmqkb.xyz/ziliao.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:28:14 GMT
last-modified
Wed, 29 May 2024 11:51:06 GMT
server
Apache
accept-ranges
bytes
etag
"111c5a-619965d961866"
content-length
1121370
content-type
image/gif
210e.gif
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		0
0
43292_shkt_7309.gif
bwshfmx.xyz/data/image/2024/05/29/ Frame 9FB9 		0
0
43148_zxi3_8359.gif
bwshfmx.xyz/data/image/2024/05/29/ Frame 9FB9 		0
0
xzapp4.gif
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		0
0
amsbx.jpg
tutu.finance/aomen/2024/col/191/ Frame 9FB9 		0
0
xzapp5.gif
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		0
0
sbxym.jpg
tutu.finance/aomen/2024/col/191/ Frame 9FB9 		0
0
xzapp6.gif
dh111.ptwmqkb.xyz/tp/ Frame 9FB9 		0
0
amgjp.jpg
tutu.finance/aomen/2024/col/191/ Frame 9FB9 		0
0
amtu.jpg
80090-gxh.631234.men/yjjy/images/ Frame 9FB9 		0
0
wei.js
dh111.ptwmqkb.xyz/js/ Frame 9FB9 		0
0
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?hca=C5357F3AA3EBE69A&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-sg&lo=0&rnd=440396310&si=460c2fe339a3f660e85e3e007a4127d2&v=1.3.2&lv=1&sn=23339&r=0&ww=1600&u=https%3A%2F%2Fdh111.ptwmqkb.xyz%2F&tt=%E3%80%90%E9%87%91%E5%A4%9A%E5%AE%9D%E3%80%91%E5%80%BE%E6%83%85%E6%89%93%E9%80%A0%EF%BC%8C%E5%85%AD%E5%90%88%E8%B7%AF%E4%B8%8A%E5%A4%9A%E9%87%91%E5%AE%9D%EF%BC%81
Requested by
Host: dh111.ptwmqkb.xyz
URL: https://dh111.ptwmqkb.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://dh111.ptwmqkb.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jul 2024 08:28:14 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
style.css
dh111.ptwmqkb.xyz/css/ Frame 9FB9 		0
0
stat.htm
z12.cnzz.com/ 		0
0
c.js
c.cnzz.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dh111.ptwmqkb.xyz
URL
https://dh111.ptwmqkb.xyz/tp/sz.gif
Domain
dh111.ptwmqkb.xyz
URL
https://dh111.ptwmqkb.xyz/tp/210e.gif
Domain
bwshfmx.xyz
URL
https://bwshfmx.xyz/data/image/2024/05/29/43292_shkt_7309.gif
Domain
bwshfmx.xyz
URL
https://bwshfmx.xyz/data/image/2024/05/29/43148_zxi3_8359.gif
Domain
dh111.ptwmqkb.xyz
URL
https://dh111.ptwmqkb.xyz/tp/xzapp4.gif
Domain
tutu.finance
URL
https://tutu.finance/aomen/2024/col/191/amsbx.jpg
Domain
dh111.ptwmqkb.xyz
URL
https://dh111.ptwmqkb.xyz/tp/xzapp5.gif
Domain
tutu.finance
URL
https://tutu.finance/aomen/2024/col/191/sbxym.jpg
Domain
dh111.ptwmqkb.xyz
URL
https://dh111.ptwmqkb.xyz/tp/xzapp6.gif
Domain
tutu.finance
URL
https://tutu.finance/aomen/2024/col/191/amgjp.jpg
Domain
80090-gxh.631234.men
URL
https://80090-gxh.631234.men/yjjy/images/amtu.jpg
Domain
dh111.ptwmqkb.xyz
URL
https://dh111.ptwmqkb.xyz/js/wei.js
Domain
dh111.ptwmqkb.xyz
URL
https://dh111.ptwmqkb.xyz/css/style.css
Domain
z12.cnzz.com
URL
https://z12.cnzz.com/stat.htm?id=1281328438&r=&lg=en-sg&ntime=none&cnzz_eid=84884029-1720513697-&showp=1600x1200&p=https%3A%2F%2Fdh111.ptwmqkb.xyz%2F&t=%E3%80%90%E9%87%91%E5%A4%9A%E5%AE%9D%E3%80%91%E5%80%BE%E6%83%85%E6%89%93%E9%80%A0%EF%BC%8C%E5%85%AD%E5%90%88%E8%B7%AF%E4%B8%8A%E5%A4%9A%E9%87%91%E5%AE%9D%EF%BC%81&umuuid=190969b93469f1-0b08d8a07ca99a-11462c6f-1d4c00-190969b9347da1&h=1
Domain
c.cnzz.com
URL
https://c.cnzz.com/c.js?web_id=1281328438&t=z

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _hmt object| _czc boolean| _bdhm_loaded_460c2fe339a3f660e85e3e007a4127d2 object| _cz_loaded string| _cz_account object| _CNZZDbridge_1281328438

6 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: C5357F3AA3EBE69A
.dh111.ptwmqkb.xyz/ Name: Hm_lvt_460c2fe339a3f660e85e3e007a4127d2
Value: 1720513694
.dh111.ptwmqkb.xyz/ Name: Hm_lpvt_460c2fe339a3f660e85e3e007a4127d2
Value: 1720513694
.dh111.ptwmqkb.xyz/ Name: HMACCOUNT
Value: C5357F3AA3EBE69A
.ptwmqkb.xyz/ Name: UM_distinctid
Value: 190969b93469f1-0b08d8a07ca99a-11462c6f-1d4c00-190969b9347da1
dh111.ptwmqkb.xyz/ Name: CNZZDATA1281328438
Value: 84884029-1720513697-%7C1720513697

1 Console Messages

Source Level URL
Text
network error URL: https://dh111.ptwmqkb.xyz/images/search.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

80090-gxh.631234.men
bwshfmx.xyz
c.cnzz.com
dh111.ptwmqkb.xyz
hm.baidu.com
s9.cnzz.com
tutu.finance
web-h5.bdfl514547e.xyz
z12.cnzz.com
80090-gxh.631234.men
bwshfmx.xyz
c.cnzz.com
dh111.ptwmqkb.xyz
tutu.finance
z12.cnzz.com
103.119.13.2
106.225.241.86
111.45.3.198
18.142.54.1
2b778fb0ae4b9e007ca1bb3da45b7059e1a2514f86504cd587291d19947b449c
3e3fdcbf8283e35c92f9a5d8bcc77275fdfb6f221fbd6b020391d2bc820f2fd3
56e67b787c1bec1d61f19cf5c74e84282abd70d3447a47b1d1fb3c08dc064a16
762cda3e18c95f424f0669081b95bce7a597409f4ce3e6bb8564e8b71e38911c
7c868324c51e80ec6ce94399e8c5819a67cfb3fc87dc143300a40d454319f549
7ce9d075f9d9f2342e8635a660d7503eebc2b0136342c3e0feb5d786873e602a
80f58f613ac55fbb0114ac7f62a28a4754414ddc5415fd99b611aead4bc60422
a918aae79fe0fcae75ae383880db79716fb500774c9d266b1d4823965e5327a7
b33bdcd11ebe560692092553f9183375821649d961aa89da8096ba95a8d3f84e
b47805dc57462566809e1174cda7fb337966aa8f8113f33a5e03d1825d51dddc
c8a3fddd6a443629d468fad4842159fd741be9880da47ffdf5256253e1a99717
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e29257aa756b541ed398b631706c6efbaeef6823439dc5c66a633a5005f1a4cc
e9951a7c919abe32c50615c5fbad2edd4facb32aaf1fd1b0c8852a73d9f973ce
eb704ca9ed0955657f93075d16fdd599f5beb007439b90112e4e9fa511acb2db
f58209717fbd2b69f5cee96cb099149711cbaf549cc66f7d2c94f6b4cbf67f8b
f8690708afe2f0198b51bba1990c7468aec331e8301bb192e002a487687a955f